Legal claims defining the scope of protection, as filed with the USPTO.
1. A computer implemented method for securing a sensor network with a three party password protocol, the computer implemented method comprising: sending, from a first sensor to a second sensor, a first message comprising a location of the first sensor and a first ephemeral value, wherein the first ephemeral value is encrypted using a first environmental value measured at the first sensor; sending, from the second sensor to a trusted third party, a second message comprising the location of the first sensor, a location of the second sensor, the first ephemeral value, wherein the first ephemeral value is encrypted using the first environmental value measured at the first sensor, and a second ephemeral value, wherein the second ephemeral value is encrypted using a second environmental value measured at the second sensor; sending, from the trusted third party to the first sensor, a third message comprising a third ephemeral value, wherein the third ephemeral value is encrypted using a third environmental value measured at the trusted third party, and a session key shared between the first sensor and the second sensor, wherein the session key is encrypted using a first ephemeral key; and sending, from the trusted third party to the second sensor, a fourth message comprising a fourth ephemeral value, wherein the fourth ephemeral value is encrypted using a fourth environmental value measured at the trusted third party, and the session key, wherein the session key is encrypted using a second ephemeral key; wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise different environmental values.
2. The computer implemented method of claim 1 , wherein the three party password protocol comprises a combination of a password protocol and a three party protocol.
3. The computer implemented method of claim 1 , wherein the password protocol is a Diffie-Hellman password protocol, and wherein the three party protocol is a Bellare-Rogaway three party key distribution protocol.
4. The computer implemented method of claim 1 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value change each time the protocol is run.
5. The computer implemented method of claim 1 , further comprising: discarding the first ephemeral key and the second ephemeral key after the three party password protocol is completed.
6. The computer implemented method of claim 1 , wherein the sensor network is a wireless body sensor network.
7. The computer implemented method of claim 1 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise physiological data collected from sensors placed in proximity to or within a human body.
8. The computer implemented method of claim 7 , wherein the physiological data comprises cryptographically weak values.
9. The computer implemented method of claim 7 , wherein the physiological data comprises one of inter-pulse interval or heart rate variance values.
10. The computer implemented method of claim 1 , wherein sending the first message further comprises: creating the first ephemeral value using an equation t As =g r A , wherein g is a random number generator and r A is a random value; and encrypting the first ephemeral value with the first environmental value.
11. The computer implemented method of claim 10 , wherein sending the second message further comprises: creating the second ephemeral value using an equation t BS =g r B , where r B is a random value; and encrypting the second ephemeral value with the second environmental value.
12. The computer implemented method of claim 11 , wherein sending the third message further comprises: creating the first ephemeral key between the first sensor and the trusted third party using the first ephemeral value using an equation K As =t AS r B ; creating the session key comprising a random number generated by the trusted third party; and encrypting the session key with the first ephemeral key.
13. The computer implemented method of claim 12 , wherein sending the fourth message further comprises: creating the second ephemeral key between the second sensor and the trusted third party using the second ephemeral value in an equation K BS =t BS r B ; and encrypting the session key with the second ephemeral key.
14. A computer implemented method for securing a sensor network with a three party password protocol, the computer implemented method comprising: sending, from a first sensor to a trusted third party, a first message comprising a location of the first sensor, a location of a second sensor, a first nonce, and a first ephemeral value, wherein the first ephemeral value is encrypted using a first environmental value measured at the first sensor; sending, from the trusted third party to the second sensor, a second message comprising the location of the first sensor, the first nonce, a first authentication construct, wherein the first authentication construct is encrypted using a second environmental value shared between the trusted third party and the second sensor, a first mask encrypted using the second environmental value, a second authentication construct encrypted using an ephemeral key, a second mask encrypted using the ephemeral key, and a second ephemeral value encrypted using the second environmental value, wherein the second environmental value is measured at the trusted third party; sending, from the second sensor to the first sensor, a third message comprising the first nonce, wherein the first nonce is encrypted using a session key shared between the first sensor and the second sensor, a second nonce created by the second sensor, the second authentication construct encrypted using the ephemeral key, the second mask encrypted using the first ephemeral value, and the second ephemeral value encrypted using the second environmental value; and sending, from the first sensor to the second sensor, a fourth message comprising the second nonce, wherein the second nonce is encrypted using the ephemeral key; wherein the first environmental value and the second environmental value comprise environmental values of different cryptographic strength.
15. The computer implemented method of claim 14 , wherein the three party password protocol comprises a combination of a password protocol and a three party protocol.
16. The computer implemented method of claim 14 , wherein the password protocol is a Diffie-Hellman password protocol, and wherein the three party protocol is a Boyd four-pass key distribution protocol.
17. The computer implemented method of claim 14 , wherein the sensor network is a wireless body sensor network.
18. The computer implemented method of claim 14 , wherein the first environmental value and the second environmental value comprise physiological data collected from sensors placed in proximity to or within a human body.
19. The computer implemented method of claim 18 , wherein the physiological data comprises one of inter-pulse interval or heart rate variance values.
20. The computer implemented method of claim 18 , wherein the first environmental value and the second environmental value include both cryptographically strong and cryptographically weak physiological data.
21. The computer implemented method of claim 14 , wherein sending the first message further comprises: generating the first nonce at the first sensor; creating the first ephemeral value using an equation t AS =g r A , wherein g is a random number generator and r A is a random value; and encrypting the first ephemeral value with the first environmental value.
22. The computer implemented method of claim 21 , wherein sending the second message further comprises: creating the first authentication construct comprising the location of the first sensor, a location of the second sensor, and a key generated by the trusted third party; encrypting the first authentication construct using the second environmental value shared between the trusted third party and the second sensor; creating the first mask comprising the first authentication construct; encrypting the first mask using the second environmental value; creating a second authentication construct comprising the location of the first sensor, a location of the second sensor, and the key generated by the trusted third party; encrypting the second authentication construct using the ephemeral key; creating the second mask comprising the second authentication construct; encrypting the second mask using the ephemeral key; creating the second ephemeral value using an equation t sA =g r B , where r B is a random value; and encrypting the second ephemeral value with the second environmental value.
23. The computer implemented method of claim 22 , wherein sending the third message further comprises: generating the second nonce at the second sensor; and encrypting the first nonce using the ephemeral key.
24. The computer implemented method of claim 23 , wherein sending the fourth message further comprises: encrypting the second nonce using the ephemeral key.
25. A computer implemented apparatus for securing a sensor network with a three party password protocol, the computer implemented apparatus comprising: a first sensor which senses a first environmental value; a second sensor which senses a second environmental value; and a trusted third party which senses a third environmental value and a fourth environmental value; wherein the first sensor, second sensor, and trusted third party are coupled to form the sensor network; wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise different environmental values; wherein the first sensor sends a first message to the second sensor comprising a location of the first sensor and a first ephemeral value, wherein the first ephemeral value is encrypted using a first environmental value measured at the first sensor; wherein the second sensor sends a second message to the trusted third party comprising the location of the first sensor, a location of the second sensor, the first ephemeral value, wherein the first ephemeral value is encrypted using the first environmental value measured at the first sensor, and a second ephemeral value, wherein the second ephemeral value is encrypted using a second environmental value measured at the second sensor; wherein the third party sends a third message to the first sensor comprising a third ephemeral value, wherein the third ephemeral value is encrypted using a third environmental value measured at the trusted third party and a session key shared between the first sensor and the second sensor, wherein the session key is encrypted using a first ephemeral key; and wherein the trusted third party sends a fourth message to the second sensor comprising a fourth ephemeral value, wherein the fourth ephemeral value is encrypted using a fourth environmental value measured at the trusted third party, and the session key, wherein the session key is encrypted using a second ephemeral key.
26. The computer implemented apparatus of claim 25 , wherein the three party password protocol comprises a combination of a password protocol and a three party protocol.
27. The computer implemented apparatus of claim 25 , wherein the password protocol is a Diffie-Hellman password protocol, and wherein the three party protocol is a Bellare-Rogaway three party key distribution protocol.
28. The computer implemented apparatus of claim 25 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value change each time the protocol is run.
29. The computer implemented apparatus of claim 25 , further comprising: discarding the first ephemeral key and the second ephemeral key after the three party password protocol is completed.
30. The computer implemented apparatus of claim 25 , wherein the sensor network is a wireless body sensor network.
31. The computer implemented apparatus of claim 25 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise physiological data collected from the first sensor, the second sensor, and the trusted third party.
32. The computer implemented apparatus of claim 31 , wherein the physiological data comprises cryptographically weak values.
33. The computer implemented apparatus of claim 31 , wherein the physiological data comprises one of inter-pulse interval or heart rate variance values.
34. The computer implemented apparatus of claim 25 , wherein the first sensor sends the first message by creating the first ephemeral value using an equation t As =g r A wherein g is a random number generator and r A is a random value, and encrypting the first ephemeral value with the first environmental value.
35. The computer implemented apparatus of claim 34 , wherein the second sensor sends the second message by creating the second ephemeral value using an equation t BS =g r B where r B is a random value, and encrypting the second ephemeral value with the second environmental value.
36. The computer implemented apparatus of claim 35 , wherein the trusted third party sends the third message by creating the first ephemeral key between the first sensor and the trusted third party using the first ephemeral value using an equation K AS =t AS r B , creating the session key comprising a random number generated by the trusted third party, and encrypting the session key with the first ephemeral key.
37. The computer implemented apparatus of claim 36 , wherein the trusted third party sends the fourth message by creating the second ephemeral key between the second sensor and the trusted third party using the second ephemeral value in an equation K BS =t BS r B , and encrypting the session key with the second ephemeral key.
38. A non-transitory computer program product for securing a sensor network with a three party password protocol, the computer program product comprising: a computer usable storage device having computer usable program code tangibly embodied thereon, the computer usable program code comprising: computer usable program code for sending, from a first sensor to a second sensor, a first message comprising a location of the first sensor and a first ephemeral value, wherein the first ephemeral value is encrypted using a first environmental value measured at the first sensor; computer usable program code for sending, from the second sensor to a trusted third party, a second message comprising the location of the first sensor, a location of the second sensor, the first ephemeral value, wherein the first ephemeral value is encrypted using the first environmental value measured at the first sensor, and a second ephemeral value, wherein the second ephemeral value is encrypted using a second environmental value measured at the second sensor; computer usable program code for sending, from the trusted third party to the first sensor, a third message comprising a third ephemeral value, wherein the third ephemeral value is encrypted using a third environmental value measured at the trusted third party and a session key shared between the first sensor and the second sensor, wherein the session key is encrypted using a first ephemeral key; and computer usable program code for sending, from the trusted third party to the second sensor, a fourth message comprising a fourth ephemeral value, wherein the fourth ephemeral value is encrypted using a fourth environmental value measured at the trusted third party, and the session key, wherein the session key is encrypted using a second ephemeral key; wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise different environmental values.
39. The non-transitory computer program product of claim 38 , wherein the three party password protocol comprises a combination of a password protocol and a three party protocol.
40. The non-transitory computer program product of claim 38 , wherein the password protocol is a Diffie-Hellman password protocol, and wherein the three party protocol is a Bellare-Rogaway three party key distribution protocol.
41. The non-transitory computer program product of claim 38 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value change each time the protocol is run.
42. The non-transitory computer program product of claim 38 , further comprising: computer usable program code for discarding the first ephemeral key and the second ephemeral key after the three party password protocol is completed.
43. The non-transitory computer program product of claim 38 , wherein the sensor network is a wireless body sensor network.
44. The non-transitory computer program product of claim 38 , wherein the first environmental value, second environmental value, third environmental value, and fourth environmental value comprise physiological data collected from sensors placed in proximity to or within a human body.
45. The non-transitory computer program product of claim 44 , wherein the physiological data comprises cryptographically weak values.
46. The non-transitory computer program product of claim 44 , wherein the physiological data comprises one of inter-pulse interval or heart rate variance values.
47. The non-transitory computer program product of claim 38 , wherein the computer usable program code for sending the first message further comprises: computer usable program code for creating the first ephemeral value using an equation t AS =g r A , wherein g is a random number generator and r A is a random value; and computer usable program code for encrypting the first ephemeral value with the first environmental value.
48. The non-transitory computer program product of claim 47 , wherein the computer usable program code for sending the second message further comprises: computer usable program code for creating the second ephemeral value using an equation t BS =g r B , where r B is a random value; and computer usable program code for encrypting the second ephemeral value with the second environmental value.
49. The non-transitory computer program product of claim 48 , wherein the computer usable program code for sending the third message further comprises: computer usable program code for creating the first ephemeral key between the first sensor and the trusted third party using the first ephemeral value using an equation K AS =t AS r B ; computer usable program code for creating the session key comprising a random number generated by the trusted third party; and computer usable program code for encrypting the session key with the first ephemeral key.
50. The non-transitory computer program product of claim 49 , wherein the computer usable program code for sending the fourth message further comprises: computer usable program code for creating the second ephemeral key between the second sensor and the trusted third party using the second ephemeral value in an equation K BS =t BS r B ; and computer usable program code for encrypting the session key with the second ephemeral key.
51. A non-transitory computer program product for securing a sensor network with a three party password protocol, the computer program product comprising: a computer usable storage device having computer usable program code tangibly embodied thereon, the computer usable program code comprising: computer usable program code for sending, from a first sensor to a trusted third party, a first message comprising a location of the first sensor, a location of a second sensor, a first nonce, and a first ephemeral value, wherein the first ephemeral value is encrypted using a first environmental value measured at the first sensor; computer usable program code for sending, from the trusted third party to the second sensor, a second message comprising the location of the first sensor, the first nonce, a first authentication construct, wherein the first authentication construct is encrypted using a second environmental value shared between the trusted third party and the second sensor, a first mask encrypted using the second environmental value, a second authentication construct encrypted using an ephemeral key, a second mask encrypted using the ephemeral key, and a second ephemeral value encrypted using the second environmental value, wherein the second environmental value is measured at the trusted third party; computer usable program code for sending, from the second sensor to the first sensor, a third message comprising the first nonce, wherein the first nonce is encrypted using a session key shared between the first sensor and the second sensor, a second nonce created by the second sensor, the second authentication construct encrypted using the ephemeral key, the second mask encrypted using the first ephemeral value, and the second ephemeral value encrypted using the second environmental value; and computer usable program code for sending, from the first sensor to the second sensor, a fourth message comprising the second nonce, wherein the second nonce is encrypted using the ephemeral key; wherein the first environmental value and the second environmental value comprise environmental values of different cryptographic strength.
52. The non-transitory computer program product of claim 51 , wherein the three party password protocol comprises a combination of a password protocol and a three party protocol.
53. The non-transitory computer program product of claim 51 , wherein the password protocol is a Diffie-Hellman password protocol, and wherein the three party protocol is a Boyd four-pass key distribution protocol.
54. The non-transitory computer program product of claim 51 , wherein the sensor network is a wireless body sensor network.
55. The non-transitory computer program product of claim 51 , wherein the first environmental value and the second environmental value comprise physiological data collected from sensors placed in proximity to or within a human body.
56. The non-transitory computer program product of claim 55 , wherein the physiological data comprises one of inter-pulse interval or heart rate variance values.
57. The non-transitory computer program product of claim 55 , wherein the first environmental value and the second environmental value include both cryptographically strong and cryptographically weak physiological data.
58. The non-transitory computer program product of claim 51 , wherein the computer usable program code for sending the first message further comprises: computer usable program code for generating the first nonce at the first sensor; computer usable program code for creating the first ephemeral value using an equation t AS =g r A , wherein g is a random number generator and r A is a random value; and computer usable program code for encrypting the first ephemeral value with the first environmental value.
59. The non-transitory computer program product of claim 58 , wherein the computer usable program code for sending the second message further comprises: computer usable program code for creating the first authentication construct comprising the location of the first sensor, a location of the second sensor, and a key generated by the trusted third party; computer usable program code for encrypting the first authentication construct using the second environmental value shared between the trusted third party and the second sensor; computer usable program code for creating the first mask comprising the first authentication construct; computer usable program code for encrypting the first mask using the second environmental value; computer usable program code for creating a second authentication construct comprising the location of the first sensor, a location of the second sensor, and the key generated by the trusted third party; computer usable program code for encrypting the second authentication construct using the ephemeral key; computer usable program code for creating the second mask comprising the second authentication construct; computer usable program code for encrypting the second mask using the ephemeral key; computer usable program code for creating the second ephemeral value using an equation t SA =g r B , where r B is a random value; and computer usable program code for encrypting the second ephemeral value with the second environmental value.
60. The non-transitory computer program product of claim 59 , wherein the computer usable program code for sending the third message further comprises: computer usable program code for generating the second nonce at the second sensor; and computer usable program code for encrypting the first nonce using the ephemeral key.
61. The non-transitory computer program product of claim 60 , wherein the computer usable program code for sending the fourth message further comprises: computer usable program code for encrypting the second nonce using the ephemeral key.
Unknown
January 1, 2013
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.